Le vendredi 28 novembre 2003 à 09h36 (-0500), Stephen Frost écrivait : > > It says "Somehow they got root [...]", does anybody yet know how? > Did you *read* what they said? Mhhh... I think so... But I'm not a native english speaker actually... :) Did I miss something? I read this: "(I believe) an unknown local root exploit in the wild" and that: "we try and exhaust all reasonable avenues of investigation to determine how the attacker went from unprivileged to root." This is why I asked if somebody already knows... And this is why I suggested some idea, wishing to help a bit... > That should only gain group utmp privs on Debian systems, at least from > what I can tell. Not sure of the difficulty of going from that to root. Right, I forgot to check if screen was suid root or not in Debian... Debian never stop surprising and please me! ;-) -- J.C. "プログフ" ANDRÉ <jean-christophe.andre@auf.org> http://www.vn.refer.org/ Coordonnateur technique régional / Associé technologie projet Reflets (CODA) Agence universitaire de la Francophonie (AuF) / Bureau Asie-Pacifique (BAP) Adresse postale : AUF, 21 Lê Thánh Tông, T.T. Hoàn Kiếm, Hà Nội, Việt Nam Tél. : +84 4 9331108 Fax : +84 4 8247383 Mobile : +84 91 3248747 ⎧ Note personnelle : merci d'éviter de m'envoyer des fichiers PowerPoint ⎫ ⎩ ou Word ; voir http://www.fsf.org/philosophy/no-word-attachments.fr.html ⎭
Attachment:
signature.asc
Description: Digital signature